Category: Privacy

Privacy has become a valuable asset in today’s world and therefore the technology to protect it has become a very marketable product. When online privacy is mentioned most people automatically think about their Internet web browsing history and social media footprint.

“Every day young adults will call me up and tell me that they can’t get a job due to an ill advised tweet or Facebook issue…Education is key.” – Tony McChrystal, reputation.com

Unfortunately, the more high profile people are, the more people will make use of their online footprint and rarely for good.

According to Dave King, CEO of Digitalis reputation management, all major recent high profile hacks including the Sony hack originated from strategically valuable individuals compromised by highly targeted attacks. The TalkTalk hack is the sole exception to this.

Your browsing history and online profile is only a tiny fraction of a much larger data picture. Publicly available data include the land registry and voter registration databases that a large proportion of us are recorded on.

A quick search of 192.com will tell anyone who has your name and postcode with full name, address, age, neighbours and property price.

Many online retailers use this publicly available data combined with users browsing history to make decisions about what items will influence their purchasing decision.

Each visit is carefully customised to provide a “frictionless” experience in data engineering terms. The more a specific site is visited the more information about the users habits are gathered.

If someone have a Google, Yahoo or Facebook account they are not the consumer, they are the product. Put simply, the more information these companies have on users the more accurately they can target them with highly tuned adverts.

Neterix, a company that specialises in privacy compliance for business commented:

“People are more aware of the value of their personal information, yet so many are willing to trade some of it for “free” services. People have to choose if that service is worth the potential privacy cost.” – Les Pritchard, Neterix.

As an individual people have limited recourse to have such information removed. Privately held databases are allowed to hold information on people as long as they abide by the data protection act (If it applies.) As long as the information is correct and used in a fair manner companies are not compelled to remove it.

The breadth of data detailed above barely scratch the surface. Several private information brokers provide even more detailed information on individuals for a fee. These companies include Experian, Equifax and many large financial organisations.

There are such a huge number of data vendors that trying to take back control of data using opt outs could become a full time undertaking and you can be sure these providers will not want anyone to have an easy ride removing the information as doing so is not in their interest.

Although there are not yet many products on the market for “Privacy As A Service” they are starting to appear although predominantly targeted to the American market at present

Speaking to several experts on the subject of what privacy as a service looks like there was a common theme about what privacy as to what it might look like.

When asked what such an all-encompassing privacy service might look like King puts it this way:

“A service that manages my services long term and looks to manage my data as a whole, who may have access to it and for what purpose. It should have an educational component as well. Ideally it would automatically search and monitor for my potential privacy issues.”

Common consensus across all the experts interviewed is that privacy as a service would take the form of a web based portal that will integrate privacy controls alongside a more conventional ad and tracking blocking technology.

Such a service would essentially provide a one-stop shop for management of your online profile and implement privacy controls in a consistent and controlled way. This would allow everyone to avoid online tracking

Some companies will attempt to remove information from as many online services as possible, for a fee. All these services come with a caveat that they cannot control all the information, all the time. No matter what someone wishes for some records will inevitably stay on the web, especially where required by law.

Interestingly on a similar vein the recent “right to be forgotten” has had a mixed effect since its inception. Google’s own data would suggest that as of July 2015 Google had received requests to remove 1.25 million URLs based on 353,484 requests.

Google has also revealed that the ten most common removal requests represent a mere nine percent of all requests received. Somewhat unsurprisingly the top website for removal requests is Facebook. The second most popular site however is a profile search engine utility. This fact underscores how important it is to pause for thought before putting information on publicly available websites.

“You have to try and understand how your data is going to be used in the future and what it will be used for in the future and be aware of the changes in technology may render it useful in unforeseen ways” – Jim Killock, Open Rights Group

Peoples data is valuable and unfortunately many sites are built around the premise of collecting and mining user submitted data so those using the service essentially become the product and users data is sold on to third parties, none of whom the end user gets to know about.

Until such services are widely available anyone wanting to protect their data should look at what information they give to whom and for what reason. When using online social media familiarise yourself with the privacy tools the vendor provides. At the end of the day it is up to the individual to think before giving away valuable data.

During the last few weeks I picked up a new client, ARS Technica UK. I was asked to write about the Digital Economy Act and how it is doomed to fail at any significant scale.

Essentially the UK government is trying to stop porn being viewed by those under 18. To those internet savvy people reading this you know it is a trivial exercise to bypass government mandated filters.

The man from Virgin Media, he say no!

The people passing this law may well not have a grip on this new fangled internet technology.

Those that want porn will still get it via VPN, TOR and newsgroups. Even the government admit that people will try to bypass it. As Ernesto at Torrent freak mentioned “It is just about making pornography that bit harder to access”. However to many, myself included this could be the thin end of the wedge of an assault on our civil liberties.